Downloads:

Since you surely can read the 2500 commits by yourself (or the detailed changelog), we’re just going to highlight some cool new features and improvements:

New platforms!

r2-0.9.8 now builds for Android L, which enables two new architectures:

Android mips64

Android aarch64

Also, we are now supporting crosscompilation for iOS devices. No need to use jailbroken devices as main builders. The sys/ios-sdk.sh script supports the very latest XCode from Yosemite.

We are also happy to get r2 running on Haiku and it’s great that it’s now finally possible to compile it natively on Windows7 using mingw32. Also xvilka helped to catch and fix the remaining bits to get r2 compilable with Cygwin too.

Javascript is also another supported target platform to compile r2 to, SDB and Rax2 have been already pushed into the FirefoxOS marketplace.

Every arch supported by capstone that we didn’t already had, like SystemZ

Better Debugger

Also, we have reworked on w32 to make the native debugger work again and support hardware breakpoint registers on x86. (thanks Skuater!)

The tracepoints have been implemented, Now each breakpoint can be be toggled to become active/disabled or be used as a tracepoint or breakpoint.

Lot of work have been done to make the GDB remote work and support X86, MIPS and ARM for qemu and gdb-server targets.

Bear in mind that GDB is a totally fucked up protocol with lot of incompatibilities (yes, more than ELF), and each new target depends on several sub-features to be implemented or handled differently in the client side. defragger did a great work testing and implementing them, but there are still more targets to be supported.

SDB integration

SDB is our key-value database system, that we’re integrating into radare2. This simplifies the code, and increases the performances in many areas.

You can play around with SDB using the k commands.

Capstone

We’re now using capstone to disassemble several architectures. This simplifies maintainance on our side, and bring you complete support for several architectures and their extensions (hello AVX, FPU, …).

If you are having disasm or analysis problems, switch to the old udis86 or GNU plugins to compare and send us your feedback. We’ll fix them as soon as possible.

Quality

We also cleaned up lot of warnings and memory corruption issues by using different fuzzers (radamsa, melkor, nightmare, zzuf, …), to make the RBin plugins much more reliable on fucked up targets. We know there are still some corner cases to fix, and we will address them in the next bugfix release 0.9.9.

The R_IO layer have been heavily tested, reviewed and partly rewritten to be more stable (thanks condret!)

DWARF

Montekki spent some time to add support for DWARF! Now you can debug your favourite ELF binary (almost) without reading assembly!

ESIL

ESIL stands for Evaluable Strings Intermedate Language. It aims to describe a Forth-like representation for every opcode; the goal within radare being emulation, in order to improve the analysis.

ASCII art graphs

Spawned by default when pressing V inside the Visual mode when placing the cursor on an already analized function. For callgraphs use VVV.

Graphviz, JSON and HTML5 interactive graphs are still supported, but not used by default.

In addition, some basic debugging can be done inside the ascii graph graphs.

The visual mode has been enhanced to better handle cursor, enable feedback mode (useful for screencasts), navigating references with x and X keys, and support the mouse wheel for scrolling (which can be disabled with the scr.wheel eval variable).

RSoC

Since we’ve been rejected from the GSoC, we’ve launched our own Summer of Code. Which turned to be kinda profitable from the point of view of new contributors, feedback, testing and getting new features ready for the masses. Congratulations to everyone who attended and participated!

We will soon release another post explaining all the details of the finalized RSoC.

Structures support

Now with r2 -nn it is possible to analyze the file header structs using the pf., pxa and other related commands.

$ r2 -nn /path/to/bin

FLIRT and YARA support

jfrankowski did a great RSoC, and improved yara support in radare2, and also added the FLIRT one! Currently, radare2 is only able to use existing signatures, but feel free to drop us a patch to build our own, using radare!

Yara3 support is almost there, but we prefer to release for a welltested yara2 version and push the upgrade in 0.9.9.

PDB support

inisider implemented a standalone library to handle PDB files, and integrated it into radare2. You can now analyse/debug PE with much more ease.

> .!rabin2 -rP test.pdb

Integration and bindings

The IDA to r2 Python script has been also updated.

Duktape have been included to support inline Javascript scripting, which turns to enable portable programs that can run in NodeJS, the r2 shell or the web browser without modifications.

We have also integrated support for GZip files which can be now slurped or loaded without depending on external programs (as we already did with ZIP).

Documentation and PR

Forensics

libmagic support has been enhanced to the point that we can already replace some features of binwalk to analyze router firmware images.

Also, several commands for searching with asteroids have been added, in order to make data analysis much better.

Also, commands like rabin2 -zzz allow to dump all strings from a file without storing the results in memory which works great for dumping harddisks or memory snapshots.

R2Pipe and JSON

Since this release you now can use a very fast kind of bindings - r2pipe, which is actually piping output of the commands inside the chosen language wrappers instead of directly calling C function from the library. Also it is very easy to use, because if you know radare2 commands.

A lot of commands spit JSON when typing a j at the end of the command. This is very useful for exporting information from r2 or processing it from the webui.

In addition a bunch of new bindings have been created under the name of r2pipe which use r2 with -0 flag to send commands and receive output asyncrunously.